Motivated by applications to security and high efficiency, we propose an automated methodology for validating on low-level intermediate representations the results of a source-level static analysis. Our methodology relies on two main ingredients: a relative-safety checker, an instance of a relational verifier which proves that a program is "safer" than another, and a transformation of programs into defensive form which verifies the analysis results at runtime. We prove the soundness of the methodology, and provide a formally verified instantiation based on the Verasco verified C static analyzer and the CompCert verified C compiler. We experiment with the effectiveness of our approach with client optimizations at RTL l...
Static analyzers, which have been successfully deployed in the real world to statically find software er...
Static analyzers based on abstract interpretation are complex pieces of softwa...
Constant-time programming is an established discipline to secure programs agai...
Motivated by applications to security and high efficiency, we propose an auto...
This paper reports on the design and soundness proof, using the Coq proof assi...
We show that abstract interpretation-based static program analysis can be made...
A certified static analysis is an analysis whose semantic validity has been formally proved correct ...
Static analysis of programs makes it possible to study the possible behaviors of programs without ...
A certified static analysis is an analysis whose semantic validity has been fo...
Static analysis – the automatic determination of simple properties of a progra...
This invited talk describes the logical foundations and the status of the ongo...
Secure compilation aims to build compilation chains that preserve security properties when translati...
Static analysis is nowadays an essential component of many software development toolsets, attracting...
Static analysis of binary code is challenging for several reasons. In particul...
Static analyzers based on abstract interpretation are tools aiming at the auto...